Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
File: 3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: ZP2MaTY0RyrSrK9yXMzpv2ocxJvRsdxZLcIR4ZnKjf4=
Subject key identifier: AF:33:C5:04:B5:60:61:5C:29:DE:20:BF:3C:79:EF:07:7B:9E:46:B5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 32F420E76FD02CFB8305C7F2F9EC005C7C8E6A03
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 29 Dec 2025 09:51:06 +0000
ROA not before: Mon 29 Dec 2025 09:46:06 +0000
ROA not after: Mon 28 Dec 2026 09:51:06 +0000
asID: 201341
IP address blocks: 153.92.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 21:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:f4:20:e7:6f:d0:2c:fb:83:05:c7:f2:f9:ec:00:5c:7c:8e:6a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 29 09:46:06 2025 GMT
Not After : Dec 28 09:51:06 2026 GMT
Subject: CN=AF33C504B560615C29DE20BF3C79EF077B9E46B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:60:48:06:85:b3:7a:42:b4:5a:7c:88:cb:94:
63:1e:7c:40:e4:22:5e:51:71:cf:bd:53:13:1b:02:
1b:7e:45:58:4a:08:59:06:ce:a1:54:54:20:3b:16:
e0:d6:93:04:c1:71:c4:1b:8f:e5:4e:4c:93:45:7e:
1f:2e:74:da:9e:68:7a:2d:df:78:93:29:74:e7:e7:
3e:6e:b3:c2:05:9b:64:d2:2e:de:20:ac:0b:98:a5:
3b:ce:fa:8c:ce:fa:c7:1e:cf:f1:fe:55:5f:88:e7:
d7:d4:4e:49:00:55:5d:7f:c7:db:58:91:d5:74:b6:
b3:51:41:b6:1a:d0:ac:5b:6d:76:3a:9f:ce:c4:ea:
05:85:5c:cb:5c:5c:ea:25:1b:8e:b6:a4:2a:b1:da:
0c:d2:de:02:9e:57:95:5b:d6:2f:47:81:08:88:44:
c6:86:f4:17:26:a9:ca:6a:84:96:74:08:32:fd:e4:
bc:75:5e:6c:91:3c:8f:83:ad:be:6f:62:29:81:de:
ed:ae:6e:a7:d7:55:41:98:03:43:73:21:d1:f7:0e:
d1:04:06:44:36:52:a2:c2:2b:d3:50:6f:03:45:53:
fb:81:9a:77:75:78:30:0c:57:e5:b2:ba:4c:8e:33:
0b:46:fb:95:8a:8c:1e:81:1a:9f:bf:48:75:e3:a2:
50:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:33:C5:04:B5:60:61:5C:29:DE:20:BF:3C:79:EF:07:7B:9E:46:B5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.189.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f2:99:f5:1c:08:c1:25:d5:c6:8d:b7:7e:42:af:27:c8:81:
c5:e1:a6:61:8f:38:0e:28:51:c5:77:4e:1f:72:b6:01:1b:4c:
07:0c:ad:f7:8c:df:3b:07:9a:db:ce:72:5e:0b:51:59:4b:a3:
d5:0a:8a:50:74:ef:35:d0:9e:8b:76:04:27:24:bd:30:f9:7d:
68:2a:b6:82:51:2e:40:0d:02:34:e6:fe:68:ea:22:3f:cd:5f:
ce:9f:fe:23:47:86:1f:7d:4a:13:34:c3:8a:dd:c7:69:47:4a:
47:fd:38:6c:51:6f:c1:c1:c9:a1:12:fb:fd:8e:05:ba:87:6b:
b3:fc:ab:b4:31:9d:7c:cd:ae:b2:6c:1f:43:da:52:eb:38:33:
e1:26:7c:e8:12:b4:c3:23:58:4b:9a:59:53:43:ca:20:4e:07:
cb:3f:a4:17:7a:ae:1b:21:0f:22:4a:eb:4a:c7:66:94:96:da:
67:13:ed:7c:53:6d:e3:12:6f:d5:0f:92:4f:e6:aa:5b:52:6b:
9b:c2:e0:69:e5:aa:d5:f7:a8:c4:6a:80:fb:b8:01:ab:dd:29:
fa:59:bb:78:7d:40:02:87:a1:f0:26:60:f5:4c:c2:3e:ff:07:
93:f9:47:84:b9:4f:2d:5c:4f:08:9b:ff:df:85:85:4e:ff:2a:
d6:79:25:e5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMvQg52/QLPuDBcfy+ewAXHyOagMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDZaFw0yNjEyMjgwOTUxMDZaMDMxMTAvBgNV
BAMTKEFGMzNDNTA0QjU2MDYxNUMyOURFMjBCRjNDNzlFRjA3N0I5RTQ2QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjYEgGhbN6QrRafIjLlGMefEDk
Il5Rcc+9UxMbAht+RVhKCFkGzqFUVCA7FuDWkwTBccQbj+VOTJNFfh8udNqeaHot
33iTKXTn5z5us8IFm2TSLt4grAuYpTvO+ozO+scez/H+VV+I59fUTkkAVV1/x9tY
kdV0trNRQbYa0KxbbXY6n87E6gWFXMtcXOolG462pCqx2gzS3gKeV5Vb1i9HgQiI
RMaG9BcmqcpqhJZ0CDL95Lx1XmyRPI+Drb5vYimB3u2ubqfXVUGYA0NzIdH3DtEE
BkQ2UqLCK9NQbwNFU/uBmnd1eDAMV+WyukyOMwtG+5WKjB6BGp+/SHXjolCdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrzPFBLVgYVwp3iC/PHnvB3ueRrUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTMzMmUzOTMyMmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACZXL0wDQYJKoZIhvcNAQELBQADggEBAAHymfUcCMEl1caNt35CryfIgcXhpmGP
OA4oUcV3Th9ytgEbTAcMrfeM3zsHmtvOcl4LUVlLo9UKilB07zXQnot2BCckvTD5
fWgqtoJRLkANAjTm/mjqIj/NX86f/iNHhh99ShM0w4rdx2lHSkf9OGxRb8HByaES
+/2OBbqHa7P8q7QxnXzNrrJsH0PaUus4M+EmfOgStMMjWEuaWVNDyiBOB8s/pBd6
rhshDyJK60rHZpSW2mcT7XxTbeMSb9UPkk/mqltSa5vC4GnlqtX3qMRqgPu4Aavd
KfpZu3h9QAKHofAmYPVMwj7/B5P5R4S5Ty1cTwib/9+FhU7/KtZ5JeU=
-----END CERTIFICATE-----
Generated at Mon Feb 23 03:00:41 2026 by rpki-client